CVE-2024-30389
CVSS V2 None
CVSS V3 None
Description
An Incorrect Behavior Order vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on EX4300 Series allows an unauthenticated, network-based attacker to cause an integrity impact to networks downstream of the vulnerable device.
When an output firewall filter is applied to an interface it doesn't recognize matching packets but permits any traffic.
This issue affects Junos OS 21.4 releases from 21.4R1 earlier than 21.4R3-S6.
This issue does not affect Junos OS releases earlier than 21.4R1.
Overview
- CVE ID
- CVE-2024-30389
- Assigner
- juniper
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-04-12T15:24:09.806Z
- Last Modified Date
- 2024-05-16T20:20:24.333Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| http://supportportal.juniper.net/JSA79185 | vendor-advisory |
| https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N | technical-description |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-30389 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-30389 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-26 11:50:10 | Added to TrackCVE |